Martin Thomson
[martin.thom...@gmail.com]
Sent: Monday, 10 July, 2017 7:48:57 AM
To: Russ Housley
Cc: IETF TLS
Subject: Re: [TLS] An IETF draft on TLS based on ECCSI public key (RFC 6507)
On 8 July 2017 at 05:40, Russ Housley wrote:
> The TLS WG wants to work on a a way to combine a PSK with
On 8 July 2017 at 05:40, Russ Housley wrote:
> The TLS WG wants to work on a a way to combine a PSK with (EC)DH after the
> current specification is finished for quantum protection.
TLS 1.3 allows this already. The drawback being that you need to get
the PSK. At the moment, this means talking t
On Friday, July 07, 2017 11:14:10 am Salz, Rich wrote:
> On Thursday, July 06, 2017 10:01:08 pm Dave Garrett wrote:
> > Just as a clarification, all new RFCs should ideally meet all of the
> > following
> > criteria:
> > * AEAD only
> > * PFS only
> > * TLS 1.2 and 1.3 support
> > * no TLS 1.0 or
On Fri, Jul 07, 2017 at 03:40:03PM -0400, Russ Housley wrote:
> > - PFS or pure-PSK only.
> >
> > Small things can't do PFS unfortunately.
>
> The TLS WG wants to work on a a way to combine a PSK with (EC)DH
> after the current specification is finished for quantum protection.
Well, PSK with DH
> - PFS or pure-PSK only.
>
> Small things can't do PFS unfortunately.
The TLS WG wants to work on a a way to combine a PSK with (EC)DH after the
current specification is finished for quantum protection. Of course, that PSK
must be distributed without any public-key crypto or it will not provi
On Fri, Jul 07, 2017 at 03:14:10PM +, Salz, Rich wrote:
> > Just as a clarification, all new RFCs should ideally meet all of the
> > following
> > criteria:
> > * AEAD only
> > * PFS only
> > * TLS 1.2 and 1.3 support
> > * no TLS 1.0 or 1.1 support (let alone SSL)
> > * no use of broken hashe
> Just as a clarification, all new RFCs should ideally meet all of the following
> criteria:
> * AEAD only
> * PFS only
> * TLS 1.2 and 1.3 support
> * no TLS 1.0 or 1.1 support (let alone SSL)
> * no use of broken hashes (MD5, SHA1, etc.)
That's a good idea.
Want to throw together a quick draft
On Tuesday, July 04, 2017 07:21:44 am Ilari Liusvaara wrote:
> However, this requires
> TLS 1.2 or newer, but that should not be a problem.
>
> - The proposed ciphersuites are really bad.
Just as a clarification, all new RFCs should ideally meet all of the following
criteria:
* AEAD only
* P
: ilariliusva...@welho.com [mailto:ilariliusva...@welho.com]
Sent: Tuesday, 4 July, 2017 7:22 PM
To: Wang Haiguang
Cc: tls@ietf.org
Subject: Re: [TLS] An IETF draft on TLS based on ECCSI public key (RFC 6507)
On Tue, Jul 04, 2017 at 08:47:16AM +, Wang Haiguang wrote:
> Dear all,
>
> This
On Tue, Jul 04, 2017 at 08:47:16AM +, Wang Haiguang wrote:
> Dear all,
>
> This Haiguang Wang from Huawei Technology.
>
> I have submitted an IETF draft on using ECCSI public key for
> authentication over TLS protocols. It is the first version, so the
> draft still have a lot of spaces to im
Dear all,
This Haiguang Wang from Huawei Technology.
I have submitted an IETF draft on using ECCSI public key for authentication
over TLS protocols. It is the first version, so the draft still have a lot of
spaces to improve.
ECCSI is an identity-based certificateless signature algorithm bas
11 matches
Mail list logo